Secure Coding mailing list archives
Perspectives on Code Scanning
From: mshines at purdue.edu (Michael S Hines)
Date: Thu, 7 Jun 2007 09:13:19 -0400
and that's the problem. the accountability for insecure coding should reside with the developers. it's their fault [mostly].
The customers have most of the power, but the security community has collectively failed to educate customers on how to ask for more secure software. There are pockets of success, but a whole lot more could be done. --- the software should work and be secure (co-requirements). The user community has been educated to accept CTL-ALT-DEL and wait as an acceptable method of computing (and when things are really haywire - resintall the OS and loose all your work). We've got a long way to go for them to expect software to also be secure, since they now accept that it doesn't work right as SOP. Mike Hines mshines at purdue.edu
Current thread:
- IBM to catch Watchfire security technology | Tech News on ZDNet Kenneth Van Wyk (Jun 06)
- Perspectives on Code Scanning McGovern, James F (HTSC, IT) (Jun 06)
- Perspectives on Code Scanning Michael Silk (Jun 06)
- Perspectives on Code Scanning Steven M. Christey (Jun 06)
- Perspectives on Code Scanning Michael S Hines (Jun 07)
- Perspectives on Code Scanning der Mouse (Jun 07)
- Perspectives on Code Scanning Shea, Brian A (Jun 07)
- Perspectives on Code Scanning der Mouse (Jun 07)
- Perspectives on Code Scanning Michael Silk (Jun 06)
- Perspectives on Code Scanning McGovern, James F (HTSC, IT) (Jun 13)
- Perspectives on Code Scanning McGovern, James F (HTSC, IT) (Jun 06)
- Perspectives on Code Scanning McGovern, James F (HTSC, IT) (Jun 07)
- Perspectives on Code Scanning Gunnar Peterson (Jun 07)
- Perspectives on Code Scanning Michael Silk (Jun 07)
- Perspectives on Code Scanning McGovern, James F (HTSC, IT) (Jun 07)